Orbital Help

Cisco Orbital is a service that adds osquery to Secure Endpoint to support detailed and fast queries for incident responders. Orbital is available to Secure Endpoint Advantage customers and currently supported on:

• 64-bit Windows 10 hosts running Version 1703 (Creators Update) or later.
• Windows Server 2016 and later
• macOS 10.15.

About:

• What is Orbital? – What is Orbital and how can you use it?
• How Do I Get Orbital? – How can you get Orbital?
• Requirements – What do you need to use Orbital?
• Quick Start – How do you use Orbital to query Secure Endpoint endpoints?
• Orbital APIs – How to write applications that use Orbital.
• Remote Data Stores – Use the Orbital Remote Data Stores interface to send results to your choice of destinations.

User Interface:

• Query – Submit queries and create jobs.
• Jobs – Jobs are scheduled queries. Manage jobs and view the results.
  • Schedule Orbital Jobs – How to create Orbital jobs.
• Endpoints – View detailed endpoint information.
• Catalog – Find queries designed by Cisco to search and investigate.

SecureX Sign-On

• SecureX Sign-On Integration - Using Orbital with a SecureX Sign-On account.
• SecureX New Account - How to create a new SecureX account.

Support:

• Orbital Nodes – Discussion on Orbital Nodes.
• Alerts, Errors, Warnings – What errors could you see from Orbital?
• Troubleshooting – How to troubleshoot Orbital.
  • Windows Troubleshooting – How to troubleshoot Orbital on a Windows Endpoint.
  • macOS Troubleshooting – How to troubleshoot Orbital on a macOS* Endpoint.
• FAQ – Frequently Asked (or Anticipated) Questions about Cisco Orbital.
• Glossary – Terms specific to Orbital.

*Note: The macOS node is currently undergoing open beta testing.